A Unique DEFCON Experience
My experience is one of 30,000 other unique DEFCON experiences. Indeed, even if you spend the entire time with the same person, your DEFCON experience is still going to be different.
Workshop 1: Introduction to Cryptographic Attacks
For me, the conference started with the two workshops that I was lucky to book in 1.5 seconds before they were sold out.
A Mathematical Odyssey
The first workshop was An Introduction to Cryptographic Attacks, yet it deserves a whole PhD program in math and cryptography. Before we started, a flash drive with the virtual machine image was passed around which made me think about the irony of a simple attack vector at a hacker convention.
Diving into RSA Attacks
The workshop covered common attack vectors on RSA such as guessing d, cycle attacks, common modulus, factoring the public key, and low exponent attack. The last attack brought me back to my school years where I learned the Chinese Remainder Theorem but from a pure math perspective. The most interesting part was, of course, performing the actual attacks on the virtual machine, and after four hours, my brain restored the majority of math formulas that I had learned at school.
Workshop 2: Hands-On TCP/IP Deep Dive with Wireshark
If anyone wants to catch sharks in a sea of traffic, the Hands-On TCP/IP Deep Dive with Wireshark workshop is ideal.
I did not expect a lot from this event since I had participated in a TCP/IP workshop last year. Indeed, how much can you talk about TCP/IP? Maybe write a book or ten… Chris Greer, a security analyst, and YouTuber, changed my perception of the protocols and how to analyze them.
A tool like Wireshark looked straightforward and simple, until I attended this workshop. We did a deep-dive into the TCP handshake, sequence/ack numbers, retransmissions, etc. I no longer see the packet analysis as a tedious process. By working on the PCAP files, I practiced making templates, filters, and analyzing each particular request to find the exact one that caused a problem. Overall, a great experience and I subscribed to Chris’s YouTube channel to learn more tricks.
Exploring the Village World
My next stop at the conference was the world of DEFCON villages. Compared to DEFCON 2022, this year felt even more crowded.
The villages were so crowded that some of the hallways were even blocked, which is why I started with one of the fun-est yet not the easiest fields of hacking, lockpicking at the Lockpick Village. I was so happy when I picked my first-ever lock! Hours spent in the village felt like minutes and I was able to make some connections with people who came to DEFCON all the way from France, Canada, and Germany.
Tamper Evident Village
Last but not the least… did you know that your Amazon package can be opened and resealed with no traces left behind? That is the focus of the Tamper Evident Village. A syringe is used to inject liquid between the tape and the box leaving no chances for a package owner to know if somebody opened it before. I left some surprises in my box for the next person. 😉
Yasmin Kadyrova is a Security Engineer at Security Innovation. Her passion for mathematics led her to Cybersecurity, with a specialization in Penetration Testing.